Features Library
Explore 262+ advanced tools designed to simplify, enhance, and customize every aspect of your WordPress site — all in one powerful library.
No posts found
Security Tab > File & API Restrictions
Disable .htaccess File Access
How it works:
Prevents direct access to .htaccess files through HTTP requests by adding server-level restrictions that return 403 Forbidden errors for .htaccess access attempts.Benefits:
Protects server configuration from exposure, prevents sensitive rule disclosure, and blocks potential security reconnaissance attempts.
Prevents direct access to .htaccess files through HTTP requests by adding server-level restrictions that return 403 Forbidden errors for .htaccess access attempts.Benefits:
Protects server configuration from exposure, prevents sensitive rule disclosure, and blocks potential security reconnaissance attempts.
Security Tab > File & API Restrictions
Disable all changes to all files via admin area
How it works:
Removes file editing capabilities from the WordPress admin area, including theme editor, plugin editor, and file management functions to prevent unauthorized code modifications.Benefits:
Prevents malicious code injection through admin interface, protects against privilege escalation attacks, and maintains code integrity by forcing changes through secure methods.
Removes file editing capabilities from the WordPress admin area, including theme editor, plugin editor, and file management functions to prevent unauthorized code modifications.Benefits:
Prevents malicious code injection through admin interface, protects against privilege escalation attacks, and maintains code integrity by forcing changes through secure methods.
Security Tab > File & API Restrictions
Disable file changes via plugin and theme editors
How it works:
Specifically disables the built-in WordPress theme and plugin editors that allow direct code modification through the admin interface.Benefits:
Prevents unauthorized code modifications, reduces attack surface for compromised admin accounts, and forces secure development practices through proper file system access.
Specifically disables the built-in WordPress theme and plugin editors that allow direct code modification through the admin interface.Benefits:
Prevents unauthorized code modifications, reduces attack surface for compromised admin accounts, and forces secure development practices through proper file system access.
Security Tab > File & API Restrictions
Disable XML-RPC
How it works:
Completely disables the XML-RPC functionality in WordPress, which is often targeted for brute force attacks, DOS attacks, and pingback abuse.Benefits:
Eliminates a major attack vector for brute force attempts, prevents pingback spam and DDOS attacks, and reduces server resource consumption from malicious XML-RPC requests.
Completely disables the XML-RPC functionality in WordPress, which is often targeted for brute force attacks, DOS attacks, and pingback abuse.Benefits:
Eliminates a major attack vector for brute force attempts, prevents pingback spam and DDOS attacks, and reduces server resource consumption from malicious XML-RPC requests.
Security Tab > File & API Restrictions
Remove REST API Links
How it works:
Removes REST API discovery links from the HTML head and HTTP headers while optionally restricting API access for non-authenticated users.Benefits:
Reduces API endpoint discovery by attackers, provides granular access control over REST API functionality, and maintains API functionality while improving security through obscurity.
Removes REST API discovery links from the HTML head and HTTP headers while optionally restricting API access for non-authenticated users.Benefits:
Reduces API endpoint discovery by attackers, provides granular access control over REST API functionality, and maintains API functionality while improving security through obscurity.
Security Tab > File & API Restrictions
REST API Access
How it works:
Configures REST API access levels with options for default access, restricting to admins only, logged-in users only, or complete disabling of REST API access.Benefits:
Provides granular control over API access, prevents unauthorized data access, and enables secure API usage while blocking malicious requests.
Configures REST API access levels with options for default access, restricting to admins only, logged-in users only, or complete disabling of REST API access.Benefits:
Provides granular control over API access, prevents unauthorized data access, and enables secure API usage while blocking malicious requests.